This job board retrieves part of its jobs from: Toronto Jobs | Emplois Montréal | IT Jobs Canada

Find jobs in Oregon today!

To post a job, login or create an account |  Post a Job

  Jobs in Oregon  

Bringing the best, highest paying job offers near you

previous arrow
next arrow
Slider

Chief Information Security Officer (CISO)

Qorvo, Inc.

This is a Full-time position in Hillsboro, OR posted February 25, 2021.

Chief Information Security Officer (CISO)

Experience Level: Manager

Job Type: Full-Time

Location:

OR – Hillsboro, US

Requisition ID: 597

The Chief Information Security Officer (CISO) position requires a visionary leader with sound knowledge of business management and a working knowledge of cybersecurity technologies covering the corporate network as well as the broader digital ecosystem. The CISO will proactively work with business units and ecosystem partners to implement practices that meet agreed-on policies and standards for information security. He or she should understand IT and must oversee a variety of cybersecurity and risk management activities related to IT to ensure the achievement of business outcomes where the business process is dependent on technology. The CISO will be responsible for implementing and running the enterprise information security program.

The CISO must be knowledgeable about both internal and external business environments, and ensure that information systems are maintained in a fully functional and secure mode and are compliant with legal, regulatory and contractual obligations. The CISO is a business leader, and should have a track record of competency in the field of information security and/or risk management, with 10 plus years of relevant experience, including five years in a significant leadership role.

RESPONSIBILITIES:

  • Lead the information security function across the company to ensure consistent and high-quality information security management in support of the business goals.
  • Develop an information security vision and strategy that is aligned to organizational priorities and enables and facilitates the organization’s business objectives, and ensure senior stakeholder buy-in and mandate.
  • Understand and interact with related disciplines to ensure the consistent application of policies and standards across all technology projects, systems and services, including privacy, risk management, compliance and business continuity management.
  • Create and manage a targeted information security awareness training program for all employees, contractors and approved system users, and establish metrics to measure the effectiveness of this security training program for the different audiences.
  • Provide regular reporting on the current status of the information security program to enterprise risk teams, senior business leaders and the board of directors as part of a strategic enterprise risk management program.
  • Work with the internal business partners to ensure that information security requirements are included in contracts by liaising with vendor management and procurement organizations.
  • Develop, implement and monitor a strategic, comprehensive information security program to ensure appropriate levels of confidentiality, integrity, availability, safety, privacy and recovery of information assets owned, controlled or/and processed by the organization.
  • Create and manage a unified and flexible control framework to integrate and normalize the wide variety and ever-changing requirements resulting from global laws, standards and regulations.
  • Develop and maintain a document framework of continuously up-to-date information security policies, standards and guidelines. Oversee the approval and publication of these information security policies and practices.
  • Create a framework for roles and responsibilities with regard to information ownership, classification, accountability and protection of information assets.
  • Facilitate a metrics and reporting framework to measure the efficiency and effectiveness of the program, facilitate appropriate resource allocation, and increase the maturity of the information security, and review it with stakeholders at the executive and board levels.
  • Build and nurture external networks consisting of industry peers, ecosystem partners, vendors and other relevant parties to address common trends, findings, incidents and cybersecurity risks.
  • Liaise with external agencies, such as law enforcement and other advisory bodies, as necessary, to ensure that the organization maintains a strong security posture and is kept well-abreast of the relevant threats identified by these agencies.
  • Liaise with the enterprise application teams to build alignment between the security and enterprise architectures, thus ensuring that information security requirements are implicit in these architectures and security is built in by design.
  • Create a risk-based process for the assessment and mitigation of any information security risk in your ecosystem consisting of supply chain partners, vendors, consumers and any other third parties.
  • Work with the compliance staff to ensure that all information owned, collected or controlled by or on behalf of the company is processed and stored in accordance with applicable laws and other global regulatory requirements, such as data privacy.
  • Collaborate and liaise with the data privacy officer to ensure that data privacy requirements are included where applicable.
  • Define and facilitate the processes for information security risk and for legal and regulatory assessments, including the reporting and oversight of treatment efforts to address negative findings.
  • Ensure that security is embedded in the project delivery process by providing the appropriate information security policies, practices and guidelines.
  • Oversee technology dependencies outside of direct organizational control. This includes reviewing contracts and the creation of alternatives for managing risk.
  • Manage and contain information security incidents and events to protect corporate IT assets, intellectual property, regulated data and the company’s reputation.
  • Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the appropriate courses of action.
  • Coordinate the development of implementation of incident response plans and procedures to ensure that business-critical services are recovered in the event of a security event; provide direction, support and in-house consulting in these areas.
  • Facilitate and support the development of asset inventories, including information assets in cloud services and in other parties in the organization’s ecosystem.

QUALIFICATIONS:

  • Requires a bachelor’s degree in Information Systems, IT Security, Compute Science or a related discipline or the equivalent combination of training and experience. Master’s degree highly desirable. 
  • 10+ years of experience in a combination of risk management, information security and IT (at least five must be in a senior leadership role)
  • Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and nontechnical audiences at various hierarchical levels, ranging from board members to technical specialists
  • Sound knowledge of business management and a working knowledge of information security risk management and cybersecurity technologies
  • Up-to-date knowledge of methodologies and trends in both business and IT
  • Proven track record and experience in developing information security policies and procedures, as well as successfully executing programs that meet the objectives of excellence in a dynamic business environment
  • Poise and ability to act calmly and competently in high-pressure, high-stress situations
  • Must be a critical thinker, with strong problem-solving skills
  • Excellent analytical skills, the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives
  • Ability to lead and motivate the information security team to achieve tactical and strategic goals, even when only “dotted line” reporting lines exist
  • Effective presentation skills and the ability to communicate with senior leadership including board of director members
  • Professional security management certification is desirable, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials.
  • Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800 series and Cybersecurity Framework
  • High level of personal integrity, as well as the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity
  • High degree of initiative, dependability and ability to work with little supervision while being resilient to change

All successful candidates must be able to pass a drug screening test, pass a criminal background check, and provide proof of lawful work authorization in the United States.

#LI-SM1

MAKE A DIFFERENCE AT QORVO

We are Qorvo. We do more than create innovative RF solutions for the mobile, defense and infrastructure markets – we are a place to innovate and shape the future of wireless communications. It starts with our employees. As a unified global team, we bring a commitment to excellence, growth and a passion for creating what’s next. Explore the possibilities with us.

We are an Equal Employment Opportunity (EEO) / Affirmative Action employer and welcome all qualified applicants. Applicants will receive fair and impartial consideration without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, military or veteran status, physical or mental disability, genetic information, and/or any other status protected by law.

AL Jobs AR Jobs CA Jobs GA Jobs KS Jobs KY Jobs LA Jobs MD Jobs MI Jobs MN Jobs MS Jobs MO Jobs NY Jobs OR Jobs TN Jobs TX Jobs UT Jobs VA Jobs WV Jobs ID Jobs